Remove usage of the "firewall_driver" in the neutron server
Back in Newton, patch [1] added to the agents possibility to report in the heartbeat messages if hybrid plug of the ports is required or not. Usage of "firewall_driver" option by mechanism drivers (so on the server's side) was kept just for backward compatibility. But as we are now about 4 years from the [1] I think it should be safe to do small cleaning, remove usage of this option in the neutron server and not confuse users where this config option has to be set and why. [1] https://review.opendev.org/#/c/311814/ Change-Id: I2ccc4c8784c64858acaa3c3431cf9a3d13e5e154
This commit is contained in:
parent
cb55643a06
commit
740ab628f4
@ -56,13 +56,7 @@ class OpenvswitchMechanismDriver(mech_agent.SimpleAgentMechanismDriverBase):
|
||||
|
||||
def __init__(self):
|
||||
sg_enabled = securitygroups_rpc.is_firewall_enabled()
|
||||
hybrid_plug_required = (
|
||||
not cfg.CONF.SECURITYGROUP.firewall_driver or
|
||||
cfg.CONF.SECURITYGROUP.firewall_driver in (
|
||||
IPTABLES_FW_DRIVER_FULL, 'iptables_hybrid')
|
||||
) and sg_enabled
|
||||
vif_details = {portbindings.CAP_PORT_FILTER: sg_enabled,
|
||||
portbindings.OVS_HYBRID_PLUG: hybrid_plug_required,
|
||||
portbindings.VIF_DETAILS_CONNECTIVITY:
|
||||
portbindings.CONNECTIVITY_L2}
|
||||
# NOTE(moshele): Bind DIRECT (SR-IOV) port allows
|
||||
@ -185,12 +179,10 @@ class OpenvswitchMechanismDriver(mech_agent.SimpleAgentMechanismDriverBase):
|
||||
a_config = agent['configurations']
|
||||
vif_type = self.get_vif_type(context, agent, segment=None)
|
||||
if vif_type != portbindings.VIF_TYPE_VHOST_USER:
|
||||
details = dict(self.vif_details)
|
||||
hybrid = portbindings.OVS_HYBRID_PLUG
|
||||
if hybrid in a_config:
|
||||
# we only override the vif_details for hybrid plugging set
|
||||
# in the constructor if the agent specifically requests it
|
||||
details[hybrid] = a_config[hybrid]
|
||||
details = {
|
||||
**self.vif_details,
|
||||
portbindings.OVS_HYBRID_PLUG: a_config.get(
|
||||
portbindings.OVS_HYBRID_PLUG)}
|
||||
else:
|
||||
sock_path = self.agent_vhu_sockpath(agent, context.current['id'])
|
||||
caps = a_config.get('ovs_capabilities', {})
|
||||
|
@ -44,6 +44,7 @@ class OpenvswitchMechanismBaseTestCase(base.AgentMechanismBaseTestCase):
|
||||
GOOD_TUNNEL_TYPES = ['gre', 'vxlan']
|
||||
GOOD_CONFIGS = {'bridge_mappings': GOOD_MAPPINGS,
|
||||
'integration_bridge': 'br-int',
|
||||
portbindings.OVS_HYBRID_PLUG: True,
|
||||
'tunnel_types': GOOD_TUNNEL_TYPES}
|
||||
|
||||
BAD_MAPPINGS = {'wrong_physical_network': 'wrong_bridge'}
|
||||
@ -119,6 +120,16 @@ class OpenvswitchMechanismSGDisabledBaseTestCase(
|
||||
portbindings.VIF_DETAILS_CONNECTIVITY:
|
||||
portbindings.CONNECTIVITY_L2}
|
||||
|
||||
GOOD_MAPPINGS = {'fake_physical_network': 'fake_bridge'}
|
||||
GOOD_TUNNEL_TYPES = ['gre', 'vxlan']
|
||||
GOOD_CONFIGS = {'bridge_mappings': GOOD_MAPPINGS,
|
||||
'integration_bridge': 'br-int',
|
||||
portbindings.OVS_HYBRID_PLUG: False,
|
||||
'tunnel_types': GOOD_TUNNEL_TYPES}
|
||||
AGENTS = [{'alive': True,
|
||||
'configurations': GOOD_CONFIGS,
|
||||
'host': 'host'}]
|
||||
|
||||
def setUp(self):
|
||||
cfg.CONF.set_override('enable_security_group',
|
||||
False,
|
||||
@ -133,17 +144,6 @@ class OpenvswitchMechanismHybridPlugTestCase(OpenvswitchMechanismBaseTestCase):
|
||||
return base.FakePortContext(self.AGENT_TYPE, agents, segments,
|
||||
vnic_type=self.VNIC_TYPE)
|
||||
|
||||
def test_backward_compat_with_unreporting_agent(self):
|
||||
hybrid = portbindings.OVS_HYBRID_PLUG
|
||||
# agent didn't report so it should be hybrid based on server config
|
||||
context = self._make_port_ctx(self.AGENTS)
|
||||
self.driver.bind_port(context)
|
||||
self.assertTrue(context._bound_vif_details[hybrid])
|
||||
self.driver.vif_details[hybrid] = False
|
||||
context = self._make_port_ctx(self.AGENTS)
|
||||
self.driver.bind_port(context)
|
||||
self.assertFalse(context._bound_vif_details[hybrid])
|
||||
|
||||
def test_hybrid_plug_true_if_agent_requests(self):
|
||||
hybrid = portbindings.OVS_HYBRID_PLUG
|
||||
# set server side default to false and ensure that hybrid becomes
|
||||
@ -240,11 +240,11 @@ class OpenvswitchMechanismDPDKTestCase(OpenvswitchMechanismBaseTestCase):
|
||||
GOOD_TUNNEL_TYPES = ['gre', 'vxlan']
|
||||
|
||||
VHOST_CONFIGS = {'bridge_mappings': GOOD_MAPPINGS,
|
||||
'integration_bridge': 'br-int',
|
||||
'tunnel_types': GOOD_TUNNEL_TYPES,
|
||||
'datapath_type': a_const.OVS_DATAPATH_NETDEV,
|
||||
'ovs_capabilities': {
|
||||
'iface_types': [a_const.OVS_DPDK_VHOST_USER]}}
|
||||
'integration_bridge': 'br-int',
|
||||
'tunnel_types': GOOD_TUNNEL_TYPES,
|
||||
'datapath_type': a_const.OVS_DATAPATH_NETDEV,
|
||||
'ovs_capabilities': {
|
||||
'iface_types': [a_const.OVS_DPDK_VHOST_USER]}}
|
||||
|
||||
VHOST_SERVER_CONFIGS = {'bridge_mappings': GOOD_MAPPINGS,
|
||||
'integration_bridge': 'br-int',
|
||||
|
@ -0,0 +1,9 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
The configuration option ``firewall_driver`` is no longer used by
|
||||
neutron-server, it only applies to the L2 agent.
|
||||
This was required for backward-compatibility for hybrid plugging,
|
||||
but since the Newton release the L2 agent has been able to report
|
||||
hybrid plugging is needed in it's report message back to the
|
||||
server.
|
Loading…
x
Reference in New Issue
Block a user